package com.vastcom.action;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;
import org.springframework.beans.factory.annotation.Autowired;

import com.vastcom.service.RcService;


public class UrlPermissionFilter extends PermissionsAuthorizationFilter {
	
	@Autowired
	private RcService rcservice;
	
	

	@Override
	public boolean isAccessAllowed(ServletRequest request,
			ServletResponse response, Object mappedValue) throws IOException {
		
		 HttpServletRequest req = (HttpServletRequest) request;  
		 HttpServletResponse rsp=(HttpServletResponse)response;
	        String path = req.getServletPath();
	        
	        System.out.println("执行路径"+path);
		//资源ID
	        String resourceid=rcservice.getResourceIdByPath(path);
	        //角色ID
	        String roleid=(String)req.getSession().getAttribute("roleid");
	        
	        //判断是否是注册保护资源
	        if(resourceid==null){
	        	System.out.println("非保护资源");
	        	return true;
	        }
	        else{
	        	System.out.println("注册保护资源");
	        	
	        	if(rcservice.hasResource(roleid, resourceid)){
	        		return true;
	        	}
	        	else{
	        		return false;
	        	}
	        	
	        	
	        }
	        
	        
	        
		
		
		
		
	}
	
	
	
	protected String[] buildPermissions(ServletRequest request) {  
        String[] perms = new String[1];  
        HttpServletRequest req = (HttpServletRequest) request;  
        String path = req.getServletPath();  
        
        
        perms[0] = path;
       // System.out.println("path打印"+path);
        //path直接作为权限字符串  
        /*String regex = "/(.*?)/(.*?)\\.(.*)"; 
        if(url.matches(regex)){ 
            Pattern pattern = Pattern.compile(regex); 
            Matcher matcher = pattern.matcher(url); 
            String controller =  matcher.group(1); 
            String action = matcher.group(2); 
             
        }*/  
        return perms;  
    }  

	
	
	
}
